Subscription Agreement

This Subscription Agreement (this “Agreement”) contains terms and conditions that govern your purchase of subscriptions to, and use of, the Services (as defined below), and is a contract between Vulners, Inc., a Delaware corporation (“Vulners”), and you or the entity or organization that you represent.

If you are an individual using the Services for your own purposes: (1) all references to “Customer” are to you and (2) you represent and warrant that you are at least 18 years of age, or have otherwise reached the age of “majority” where you reside, and that you have the right, power and authority to enter into this Agreement.

If you are using the Services on behalf of an entity or organization that you represent: (1) all references to “Customer” are to that entity or organization and (2) you represent and warrant that you are at least 18 years of age, or have otherwise reached the age of “majority” where you reside, and that you have the right, power and authority to enter into this Agreement on behalf of Customer.

This Agreement becomes binding and effective on Customer upon the earliest of: (1) when you access or use the Services, or (2) when you click an “I Accept” “Sign up” or similar button or check box referencing this Agreement with Vulners.

  1. Subscription.

    This Agreement sets forth the terms pursuant to which Customer may access and use Vulners’s hosted Services in connection with its Subscription to the Services. The Services will support Customer’s search, analysis and assessment of the security vulnerabilities of the systems, platforms, services, software, devices, sites and/or networks that Customer uses in its own internal business operations (collectively, but exclusive of the subscribed Services, “Customer’s Environment”).

  2. Access and Use.

    1. Subject to the applicable Subscription and this Agreement, Vulners hereby grants to Customer the right to access and use the Services in accordance with the Documentation during the Subscription Term for Customer’s Environment.

    2. As between the Parties, Customer controls Customer’s Environment and its individual components (each, a “Customer Component”), whether owned, leased or licensed by Customer, located on Customer’s premises or cloud-based, used by Customer on a software-as-a-service basis or otherwise. Customer will be able to use the Services by establishing integrations or other connections to one or more Customer Components (each, a “Connection”). By implementing a Connection to a Customer Component, Customer hereby grants to Vulners the right, and is expressly instructing Vulners, to access and interoperate with that Customer Component during the Subscription Term in order to provide and support the Services. Customer is responsible for complying with all applicable third-party terms, policies and licenses governing its access and use of Customer Components and associated data (collectively, “Third-Party Terms”).

    3. All rights granted by each Party to the other under this Section 2 are limited, nonexclusive and, except as otherwise provided in this Agreement, non-transferable.

  3. Availability.

    Vulners commits to make the Services Available at least 99.8% of the time, exclusive of any time the Services are not Available as a result of one or more Exceptions (the “Availability Standard”). If the actual Availability of the Services is less than the Availability Standard in any two consecutive months, Customer may terminate the applicable Subscription in the calendar month following such two-month period upon written notice to Vulners. In the event of such termination, Vulners will issue Customer a Pro-Rated Refund (as defined in Section 15.4).

  4. Support.

    Subject to this Agreement, Vulners will provide Support to Authorized Users by email. Although resolution times are not guaranteed, Vulners commits to respond to each request for Support from an Authorized User (each, a “Support Request”) within 48 hours. Customer’s sole and exclusive remedy for any alleged failure by Vulners to provide Support with reasonable skill, care and diligence following a Support Request shall be re-performance of the applicable Support.

  5. APIs and Tools.

    One or more APIs will be available to Customer to assist with Customer’s implementation of Connections, and Vulners makes client libraries available to facilitate Customer’s coding against the API(s). In addition, Authorized Users may install a Vulners-produced software agent on certain Customer Components to support Customer’s collection of Customer Data. The code for these libraries and agents (collectively, “Ancillary Tools”) are available in public repositories at https://github.com/vulnersCom and are subject to the applicable open source licenses referenced in those repositories. Customer determines and controls what APIs and Ancillary Tools (if any) to use in connection with the Services. By using an API or Ancillary Tool in connection with the Services, Customer hereby agrees to do so in accordance with the Documentation and, in the case of the Ancillary Tool, with the applicable open source licenses (provided that if an applicable open source license for an Ancillary Tool contradicts rights or restrictions in the Documentation, the license will take precedence). The Ancillary Tools are not “Services” or “Support” for purposes of this Agreement.

  6. Hosting and Other Providers.

    Vulners uses third-party hosting providers, other service providers and Vulners Affiliates to support the provision of the Services and Support in the ordinary course of its business, i.e., not specifically for Customer (collectively, “Ordinary Course Providers”). Vulners reserves the right to engage and substitute Ordinary Course Providers as it deems appropriate, but shall: (a) remain responsible to Customer for the provision of the Services and Support and (b) be liable for the actions and omissions of its Ordinary Course Providers undertaken in connection with Vulners’s performance of this Agreement to the same extent Vulners would be liable if performing the Services or Support directly. In no event shall providers of Customer Components be deemed Ordinary Course Providers for any purpose under this Agreement.

  7. Security and Privacy.

    1. Customer is responsible for properly configuring the Services in accordance with the Documentation, enabling single sign-on for Customer’s accounts, and securing access passwords, keys, tokens or other credentials used by Customer in connection with the Services (collectively, “Customer Credentials”). Customer agrees to use reasonable efforts to prevent unauthorized access or use of the Services and to promptly notify Vulners if Customer believes (a) any Customer Credentials have been lost, stolen or made available to an unauthorized third party or (b) an unauthorized third party has accessed the Services or Customer Data.
    2. Except for limited Personal Information in Account Data, Vulners does not require Personal Information for Customer’s access and use of the Services. Customer shall limit Personal Information in Account Data to only that necessary for the creation and administration of its Vulners account.
    3. Vulners may Process information about Customer’s configuration and use of the Services (“Usage Data”) and Account Data: (a) to manage Customer’s account; (b) to provide and improve the Services and Support, including to address Support Requests and troubleshoot other issues; and (c) to provide Customer and Authorized Users insights, service and feature announcements and other reporting. Vulners may also Process Usage Data that has been aggregated and/or anonymized (including, for clarity, that does not allow a third party to identify Customer as the source of the information): (i) to develop new services and features and (ii) to promote Vulners’s services, including, for example, through analyses of patterns and trends. Vulners’s Processing of Usage Data, Customer Data and Account Data shall at all times be subject to Vulners’s obligations under this Agreement, including those of confidentiality under Section 13; and, with respect to Account Data, the Privacy Policy.

  8. Customer Responsibilities and Restrictions.

    1. Customer will be solely responsible for: (a) Customer’s Environment, including as necessary to enable Authorized Users’ access and use of the Services; (b) Account Data and Customer Credentials (including activities conducted with Customer Credentials), subject to Vulners’s Processing obligations under this Agreement; (c) providing any required notices to, and receiving any required consents and authorizations from, Customer Component providers, Authorized Users and persons whose Personal Information may be included in Account Data or Customer Credentials; and (d) ensuring use of the Services is only for Customer’s Environment and in accordance with the AUP, Documentation and applicable Third-Party Terms.
    2. No provision of this Agreement includes the right to, and Customer shall not, directly or indirectly: (a) enable any person or entity other than Authorized Users to access and use the Services; (b) attempt to gain unauthorized access to any Service or its related systems or networks; (c) use any Service to access Vulners Intellectual Property Rights except as permitted under this Agreement; (d) modify, copy or create any derivative work based upon a Service or any portion, feature or function of a Service; (e) resell, distribute or otherwise make available any Service to any third party, including as part of a managed services offering; (f) except to the extent limited by Applicable Law, reverse engineer, disassemble or decompile all or any portion of, or attempt to discover or recreate the source code for, the Services or access or use the Services or Documentation in order to (1) copy ideas, features, functions or graphics, (2) develop competing products or services, or (3) perform competitive analyses; (g) remove, obscure or alter any proprietary notice related to the Services; (h) send or store Malicious Code; (i) use or permit others to use the Services in violation of Applicable Law; or (j) use or permit others to use the Services other than as described in the applicable Subscription, Documentation and this Agreement.
    3. Vulners reserves the right to investigate potential violations of the above provisions of this Section 8. In the event Vulners reasonably believes a violation has occurred, in addition to any other remedies available at law or in equity (including termination pursuant to Section 15.2), Vulners will have the right to suspend Authorized Users suspected of the violation from accessing the Services for so long as is reasonably necessary to address the potential violation. Except where Vulners reasonably believes the violations are willful, or in urgent or emergency situations, Vulners will notify Customer of any such suspension in advance (each, a “Suspension Notice”) and work with Customer in good faith to resolve the potential violation. For clarity, Vulners reserves the right, but does not assume any obligation to Customer (except with respect to the Suspension Notice), to take any of the actions described in this Section 8.3.

  9. Compliance with Applicable Laws

    Each Party agrees to comply with all Applicable Laws with respect to its performance of its obligations and exercise of its rights under this Agreement. Without limiting the foregoing:

    1. Each Party shall comply with Applicable Laws concerning the privacy and protection of Personal Information.
    2. Each Party shall comply with Applicable Laws concerning anti-bribery and anti-corruption, which may include the U.S. Foreign Corrupt Practices Act of 1977 and the UK Bribery Act 2010. As of the date of this Agreement and the date of each Subscription, Customer represents that it has neither received nor been offered any illegal or improper bribe, kickback, payment, gift or thing of value from any employee, agent or representative of Vulners or its Affiliates in connection with this Agreement. Customer agrees to promptly notify Vulners if it learns of any violation of the foregoing. This representation is not intended to include customary and reasonable gifts and entertainment provided in the ordinary course of business, to the extent such gifts and entertainment are permitted by Applicable Law.
    3. Each Party shall (a) comply with Applicable Laws administered by the U.S. Commerce Bureau of Industry and Security, U.S. Treasury Office of Foreign Assets Control or other governmental entity imposing export controls and trade sanctions (“Export Laws”), including designating countries, entities and persons (“Sanctions Targets”) and (b) not directly or indirectly export, re-export or otherwise deliver Services to a Sanctions Target, or broker, finance or otherwise facilitate any transaction in violation of any Export Laws. Customer represents that it is not a Sanctions Target or prohibited from receiving Services pursuant to this Agreement under Applicable Laws, including Export Laws.

  10. Pricing and Fees

    1. Customer may use the Services for free, subject to the limitations set forth on the Pricing Page.
    2. If the Customer is paying for the Services, Customer agrees to pay all fees charged by Vulners for Customer’s use of Services in accordance with this Agreement and applicable Subscription (collectively, “Fees”). Prices for Services are set forth on the Pricing Page. Fees must be paid in U.S. dollars and, subject to Section 10.3, within 30 days of invoice. Fees for Services include Support at no additional charge.
    3. If the Customer is paying for the Services, Customer agrees to pay all fees charged by Vulners for Customer’s use of Services in accordance with this Agreement and applicable Subscription (collectively, “Fees”). Prices for Services are set forth on the Pricing Page. Fees must be paid in U.S. dollars and, subject to Section 10.3, within 30 days of invoice. Fees for Services include Support at no additional charge.
    4. If Customer is paying Fees using a credit card or any digital payment method supported by Vulners, Customer authorizes Vulners to charge Customer’s account for the Services using that payment method. Customer must keep all information in its billing account current to ensure that all Fees are charged to the appropriate account and are timely paid. If Customer notifies Vulners to stop using a previously designated payment method and fails to designate an alternative, Vulners may immediately suspend use and access to the Services. Any notice from Customer changing its billing account will not affect charges Vulners submits to Customer’s billing account before Vulners reasonably can act on Customer’s request. Vulners uses a third-party intermediary to manage credit card processing, and this intermediary is not permitted to use Customer’s credit card information except in connection with Customer’s authorized purchases. Notice (including email) from Vulners’s third-party credit card processor declining Customer’s credit card or otherwise relating to Customer’s account will be deemed valid notice from Vulners.
    5. Effective upon the one-year anniversary of this Agreement and up to one time per calendar year thereafter, Vulners may increase then current pricing for the Services by up to the greater of 5% or a percentage equal to the increase for the prior 12-month period (or the prior period of the same duration as the Renewal Subscription Term, if longer) in the CPI – All Urban Consumers (U.S. All Items) or successor series, as published by the U.S. Bureau of Labor Statistics. If Customer objects to the increase, Customer must notify Vulners of its intention not to terminate the Subscription within 30 days of Customer’s receipt of notice of the increase from Vulners. Failure to timely notify Vulners shall be deemed to constitute consent to the applicable fee increase.
    6. Unless either Party gives the other Party written notice of its intention not to renew a Subscription at least 15 days prior to its expiration date, the Subscription will automatically renew for additional periods of the same duration as the expiring Subcription Term (each, a “Renewal Subscription Term”).

  11. Taxes.

    All Fees are exclusive of taxes, levies, duties or charges imposed by government authorities (collectively, “Taxes”). Customer shall be solely responsible for all sales, service, value-added, use, excise, consumption and any other Taxes on amounts payable by Customer under the Subscription and this Agreement (other than any Taxes on Vulners’s income, revenues, gross receipts, personnel or assets). Without limiting the foregoing, if Customer is required to deduct or withhold any Taxes under Applicable Laws outside the United States, Customer shall remit such Taxes in accordance with those Applicable Laws and all Fees payable shall be increased so that Vulners receives an amount equal to the sum it would have received had no withholding or deduction been made.

  12. Ownership.

    As between the Parties: (a) Customer owns all right, title and interest in and to Customer’s Environment, including in each case all associated Intellectual Property Rights, and (b) Vulners owns all right, title and interest in and to the Services, Documentation and Feedback, including in each case all associated Intellectual Property Rights. Except for the rights expressly granted by one Party to the other in this Agreement, all rights are reserved by the granting Party.

  13. Confidentiality.

    1. As used in this Agreement, “Confidential Information” means any information disclosed by one Party, its Affiliates, business partners or their respective employees, agents or contractors (collectively, the “Discloser”) that is designated as confidential, either orally or in writing, or that, given the nature of the information or circumstances surrounding its disclosure, reasonably should be understood to be confidential. Confidential Information includes without limitation: (a) Customer Data; (b) information relating to the Discloser’s or its Affiliates’ technology, customers, business plans, promotional and marketing activities, finances and other business affairs; (c) third-party information that the Discloser is obligated to keep confidential; and (d) the terms of this Agreement and the Subscription. However, Confidential Information does not include any information that: (i) was known to the Party that receives any Confidential Information (the “Recipient”) prior to receiving the same from the Discloser in connection with this Agreement; (ii) is independently developed by the Recipient without reference to or use of the Discloser’s Confidential Information; (iii) is acquired by the Recipient from another source without restriction as to use or disclosure; or (iv) is or becomes publicly available through no fault or action of the Recipient.
    2. The Recipient shall not (a) use the Discloser’s Confidential Information for any purpose outside the scope of this Agreement without the Discloser’s prior written consent or (b) disclose the Discloser’s Confidential Information to any person or entity, except to the Recipient’s employees, agents, contractors and service providers who (i) are bound by non-use and non-disclosure obligations at least as protective as those contained in this Agreement and (ii) have a need to know the Confidential Information for the Recipient to exercise its rights or perform its obligations under this Agreement. Notwithstanding the foregoing, the Recipient may disclose the Discloser’s Confidential Information to the limited extent any use or disclosure is required by Applicable Law or a valid and binding order of a governmental body (such as a subpoena or court order), provided that, to the extent permitted under Applicable Law, the Recipient uses reasonable efforts to give the Discloser reasonable advance notice thereof to afford the Discloser an opportunity to intervene and seek an order or other appropriate relief for the protection of its Confidential Information. In the event of any breach or threatened breach by the Recipient of its obligations under this Section, the Discloser will be entitled to seek injunctive and other equitable relief to enforce such obligations.

  14. Disclaimers.

    1. EXCEPT AS EXPRESSLY PROVIDED IN THIS AGREEMENT, NEITHER PARTY MAKES ANY WARRANTY OR GUARANTEE OF ANY KIND, WHETHER EXPRESS, IMPLIED, STATUTORY, OR OTHERWISE, AND EACH PARTY SPECIFICALLY DISCLAIMS ALL WARRANTIES, WHETHER IMPLIED, EXPRESS, OR STATUTORY, INCLUDING ANY IMPLIED WARRANTY OF TITLE, MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR NON-INFRINGEMENT, AND ALL WARRANTIES ARISING FROM COURSE OF DEALING, USAGE OR TRADE PRACTICE, TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW.
    2. EXCEPT AS EXPRESSLY PROVIDED IN THIS AGREEMENT, ALL SERVICES, SUPPORT AND ANY OTHER MATERIAL ARE PROVIDED BY VULNERS ON AN “AS IS” AND “AS AVAILABLE” BASIS. VULNERS MAKES NO REPRESENTATION OR WARRANTY, AND HAS NO SUPPORT OBLIGATIONS OR LIABILITY, WITH RESPECT TO ANY CUSTOMER COMPONENT. WITHOUT LIMITING THE OTHER PROVISIONS OF THIS SECTION 14, VULNERS MAKES NO WARRANTY OF ANY KIND THAT THE SERVICES, DOCUMENTATION, ANCILLARY TOOLS OR ANY OTHER MATERIAL, OR RESULTS OF THE USE THEREOF, WILL: (a) MEET CUSTOMER’S OR ANY OTHER PERSON’S REQUIREMENTS; (b) OPERATE WITHOUT INTERRUPTION; (c) ACHIEVE ANY INTENDED RESULT; (d) BE ERROR FREE OR (e) BE COMPATIBLE, WORK WITH OR CONTINUE TO WORK WITH CUSTOMER COMPONENTS. ANY CHANGES TO CUSTOMER COMPONENTS (INCLUDING THEIR UNAVAILABILITY) OR THIRD-PARTY TERMS DURING A SUBSCRIPTION TERM DO NOT AFFECT CUSTOMER’S OBLIGATIONS UNDER THE APPLICABLE SUBSCRIPTOIN OR THIS AGREEMENT.

  15. Term and Termination.

    1. The term of this Agreement will continue through the expiration or earlier termination of the Subscription to be in effect, if any.
    2. Subject to Section 10.2, Vulners may terminate any Subscription upon written notice to Customer if Customer fails to pay any amount due under the Subscription, and such failure continues more than 10 days after Vulners’s delivery of written notice. In addition, either Party may terminate the Subscription and this Agreement, effective on written notice to the other Party, if the other Party materially breaches this Agreement, and such breach (if capable of cure) remains uncured 30 days after the non-breaching Party provides the breaching Party with written notice of such breach.
    3. Upon expiration or earlier termination of a Subscription: (a) subject to Section 15.5, all rights granted to Customer with respect to Services under such Subscription will terminate effective as of the effective date of termination; (b) subject to Section 15.5, Vulners will have no obligation to provide Services to Customer or Authorized Users after the effective date of the termination; and (c) Customer will, subject to Section 15.4, pay to Vulners any Fees payable for Customer’s and any Authorized User’s use of Services through the effective date of the termination, together with all other amounts in accordance with the Subscription and this Agreement.
    4. If a Subscription is terminated early by Customer pursuant to Section 3 or 15.2, or by Vulners pursuant to Section 16.2: (a) Customer shall not be obligated to pay any additional amounts following the effective date of termination and (b) Vulners will refund to Customer a pro rata share of any unused amounts prepaid by Customer under the applicable Subscription for the Services on the basis of the remaining portion of the current Subscription Term (a “Pro-Rated Refund”). In all other cases, and regardless of whether Customer uses the Services, Customer will not be entitled to a refund of Fees paid and any unpaid Fees outstanding will become immediately due and payable.
    5. Provided Customer has paid all amounts due under this Agreement, and subject to any applicable shorter Service Plan retention periods, for up to 30 days from the effective date of termination of this Agreement an Authorized User designated by Customer will be permitted to continue to access and download Customer Data that was accessible to Authorized Users through the Services immediately prior to termination. The designated Authorized User’s access and use will continue to be subject to the terms of this Agreement, provided the Authorized User shall not access or use the Services other than to download Customer Data.
    6. The provisions set forth in the following Sections, and any other right or obligation of the Parties in this Agreement that, by its nature, should survive termination or expiration of this Agreement, will survive any expiration or termination of this Agreement: 7.4, 8.2, 9, 12 through 17, and 19 through 28.

  16. Indemnification.

    1. Subject to Sections 16.2 and 16.4, Vulners agrees to defend, indemnify and hold harmless Customer, its Participating Affiliates (as defined in Section 20) and their employees, contractors, agents, officers and directors (collectively, “Customer Indemnitees”), from and against any and all claims, damages, obligations, losses, liabilities, costs or debt, and expenses (including without limitation attorneys’ fees) (collectively, “Losses”) arising out of or related to any legal claim, suit, action or proceeding (each, an “Action”) by a third party alleging use of the Services as permitted under this Agreement infringes such third party’s United States patent or copyright, or misappropriates such third party’s trade secrets (each, a “Customer Infringement Claim”).
    2. If the Services become, or in Vulners’s opinion are likely to become, the subject of a Customer Infringement Claim, Vulners may in its discretion and at its own expense: (a) obtain for Customer the right to continue using the Services; (b) modify the Services so that they no longer infringe or misappropriate; or (c) terminate this Agreement and the Subscription and issue a Pro-Rated Refund. Vulners will have no obligation to indemnify Customer for a Customer Infringement Claim to the extent it arises from any of the following (collectively, “Customer-Controlled Matters”): (i) Customer’s Environment, including Connections to Customer Components, whether enabled through APIs, Ancillary Tools or otherwise; (ii) Account Data or Customer Credentials (including activities conducted with Customer Credentials), subject to Vulners’s Processing obligations under this Agreement; or (iii) use of the Services by Customer or an Authorized User in a manner that breaches the terms of the Subscription or this Agreement. SECTIONS 16.1 AND 16.2 STATE VULNERS’S ENTIRE LIABILITY AND CUSTOMER’S EXCLUSIVE REMEDIES FOR ANY CLAIM OF INTELLECTUAL PROPERTY RIGHTS INFRINGEMENT OR MISAPPROPRIATION.
    3. Subject to Section 16.4, Customer agrees to defend, indemnify and hold harmless Vulners, its Affiliates and their employees, contractors, agents, officers and directors (collectively, “Vulners Indemnitees”), from and against any and all Losses arising out of or related to any Action by a third party arising out of or relating to Customer-Controlled Matters.
    4. A Customer Indemnitee or Vulners Indemnitee (each, an “Indemnitee”) seeking indemnification shall promptly notify the other Party (each, an “Indemnifying Party”), in writing of any Action for which it seeks indemnification pursuant to Section 16.1 or 16.3 (as applicable) and cooperate with the Indemnifying Party at the Indemnifying Party’s expense. The Indemnifying Party shall promptly take control of the defense and investigation of such Action and shall employ counsel of its choice to handle and defend the same, at the Indemnifying Party’s expense. An Indemnitee may participate in and observe the proceedings at its own expense with counsel of its own choice. A Party’s failure to perform any obligations under this Section 16.4 will not relieve the Indemnifying Party of its obligations under Section 16.1 or 16.3 (as applicable) except to the extent that the Indemnifying Party can demonstrate that it has been materially prejudiced as a result of such failure. The Indemnifying Party shall not settle an Action without the Indemnitee’s written consent if such settlement shall require action or payment by the Indemnitee.

  17. Limitations of Liability.

    TO THE FULLEST EXTENT PERMITTED BY APPLICABLE LAW, EXCEPT AS OTHERWISE PROVIDED IN THIS SECTION 17: (a) IN NO EVENT SHALL EITHER PARTY, ITS AFFILIATES OR THEIR EMPLOYEES, AGENTS, CONTRACTORS, OFFICERS OR DIRECTORS BE LIABLE FOR ANY INDIRECT, PUNITIVE, INCIDENTAL, SPECIAL, CONSEQUENTIAL OR EXEMPLARY DAMAGES, INCLUDING WITHOUT LIMITATION DAMAGES FOR BUSINESS INTERRUPTION, LOSS OF PROFITS, GOODWILL, USE, DATA OR OTHER INTANGIBLE LOSSES ARISING OUT OF OR RELATING TO THIS AGREEMENT; AND (b) IN NO EVENT SHALL EITHER PARTY’S CUMULATIVE AND AGGREGATE LIABILITY UNDER THIS AGREEMENT EXCEED THE FEES PAID TO VULNERS BY CUSTOMER UNDER THE APPLICABLE SUBSCRIPTION IN THE 12 MONTHS PRECEDING THE EVENT GIVING RISE TO THE LIABILITY. THE EXCLUSIONS AND LIMITATIONS IN THIS SECTION (COLLECTIVELY, THE “EXCLUSIONS”) APPLY WHETHER THE ALLEGED LIABILITY IS BASED ON CONTRACT, TORT, NEGLIGENCE, STRICT LIABILITY OR ANY OTHER BASIS, EVEN IF THE NON-BREACHING PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. THE EXCLUSIONS SHALL NOT APPLY TO A PARTY’S INDEMNIFICATION OBLIGATIONS UNDER SECTION 16, CUSTOMER’S BREACH OF SECTION 8.2, OR CUSTOMER’S PAYMENT OBLIGATIONS TO VULNERS UNDER THIS AGREEMENT. THE PROVISIONS OF THIS SECTION 17 ALLOCATE THE RISKS UNDER THIS AGREEMENT BETWEEN THE PARTIES, AND THE PARTIES HAVE RELIED ON THE EXCLUSIONS IN DETERMINING TO ENTER INTO THIS AGREEMENT AND THE PRICING FOR THE SERVICES.

  18. Publicity.

    Neither Party shall, except as otherwise required by Applicable Law or stock exchange requirements, issue or release any announcement, statement, press release or other publicity or marketing materials relating to this Agreement or otherwise use the other Party’s marks or logos without the prior written consent of the other Party; provided, however, that Vulners may (subject its obligations of non-attribution under Section 7.4) include Customer’s name and logo in its lists of Vulners customers, its public website and other promotional material. Vulners agrees to promptly cease such uses of Customer’s name and logo following Customer’s request sent to [email protected].

  19. Notices.

    Subject to change pursuant to this Section: (a) Vulners’s physical address for notices is at Delaware, Wilmington 19801, 1000 N West Street, Suite 1200 and its email address for notices is [email protected] and (b) Customer’s physical and email addresses for notices are those associated with its Subscription. Notices required or permitted to be given under this Agreement shall be in writing and shall be deemed to be sufficiently given: (i) one business day after being sent by overnight courier to the Party’s physical address; (ii) three business days after being sent by registered mail, return receipt requested, to the Party’s physical address; or (iii) one business day after being sent by email to the Party’s email address (provided that (1) the sender does not receive a response that the message could not be delivered or an out-of-office reply and (2) any notice for an indemnifiable Action must be sent by courier or mail pursuant to clause (i) or (ii)). Either Party may change its address(es) for notice by providing notice to the other in accordance with this Section.

  20. Customer Affiliates.

    Where an Affiliate of Customer has not entered into a Subscription or other separate agreement directly with Vulners, Customer may authorize that Affiliate (each, a “Participating Affiliate”) to access and use the Services under an existing Subscription between Vulners and Customer. In such cases, references to “Customer” in the applicable Subscription and this Agreement will be deemed references to both Customer and the Participating Affiliate. Customer and its Participating Affiliates will be jointly and severally liable for compliance with this Agreement and the Subscription hereunder. As between Vulners and Customer, Customer accepts full liability for the acts and omissions of its Participating Affiliates.

  21. Assignment.

    So long as Customer remains current in the payment of all amounts when due, Customer may assign this Agreement in connection with any merger, consolidation or reorganization involving Customer (regardless of whether Customer is a surviving or disappearing entity), or a sale of all or substantially all of Customer’s business or assets relating to this Agreement to an unaffiliated third party. Subject to the foregoing, Customer may not assign any of its rights or obligation under this Agreement, whether by operation of law or otherwise, without Vulners’s prior written consent, and any purported assignment in violation of this Section is void. This Agreement is binding upon and inures to the benefit of the Parties hereto and their respective permitted successors and assigns.

  22. U.S. Government Customers.

    The Services and Documentation are provided to the U.S. Government as “commercial items,” “commercial computer software,” “commercial computer software documentation,” and “technical data” with the same rights and restrictions generally applicable to the Services and Documentation. If Customer or any Authorized User is using Services and Documentation on behalf of the U.S. Government and these terms fail to meet the U.S. Government’s needs or are inconsistent in any respect with federal law, Customer and Customer’s Authorized Users must immediately discontinue use of the Services and Documentation. The terms listed above are defined in the Federal Acquisition Regulation and the Defense Federal Acquisition Regulation Supplement.

  23. Independent Parties; No Third-Party Beneficiaries.

    The Parties expressly understand and agree that their relationship is that of independent contractors. Nothing in this Agreement shall constitute one Party as an employee, agent, joint venture partner or servant of another. This Agreement is for the sole benefit of the Parties hereto and their respective successors and permitted assigns and nothing herein, express or implied, is intended to or shall confer on any other person any legal or equitable right, benefit or remedy of any nature whatsoever under or by reason of this Agreement.

  24. Force Majeure.

    Neither Party shall be liable or responsible to the other Party, nor be deemed to have defaulted under or breached this Agreement, for any failure or delay in fulfilling or performing any term of this Agreement (except for any obligations to make payments), when and to the extent such failure or delay is caused by acts of God; flood, fire or explosion; war, terrorism, invasion, riot or other civil unrest; embargoes or blockades in effect on or after the date of this Agreement; or national or regional emergency (each of the foregoing, a “Force Majeure Event”), in each case, provided the event is outside the reasonable control of the affected Party, the affected Party provides prompt notice to the other Party, stating the period of time the occurrence is expected to continue, and the affected Party uses diligent efforts to end the failure or delay and minimize the effects of such Force Majeure Event.

  25. Governing Law; Venue.

    Except to the extent the issue arising under this Agreement is governed by United States federal law, this Agreement shall be governed by and construed and enforced in accordance with the laws of the State of Delaware without giving effect to the choice of law rules of that State. Any legal action or proceeding arising under or relating to this Agreement shall be brought exclusively in the state or federal courts located in New Castle County, State of Delaware, USA, and the Parties expressly consent to personal jurisdiction and venue in those courts. The Parties agree that the United Nations Convention on Contracts for the International Sale of Goods are specifically excluded from application to this Agreement.

  26. Miscellaneous.

    This Agreement, together with the AUP, is the complete and exclusive statement of the agreement between the Parties and supersedes all proposals, questionnaires and other communications and agreements between the Parties (oral or written) relating to the subject matter of this Agreement. Any terms and conditions of any other instrument issued by Customer in connection with this Agreement which are in addition to, inconsistent with or different from the terms and conditions of this Agreement shall be of no force or effect. Additionally, this Agreement supersedes any confidentiality, non-disclosure, evaluation or trial agreement previously entered into by the Parties with respect Customer’s or an Affiliate’s evaluation of the Services or otherwise with respect to the Services. Except as otherwise provided in Section 28, this Agreement may be modified only by a written instrument duly executed by authorized representatives of the Parties. The failure of a Party to exercise or enforce any condition, term or provision of this Agreement will not operate as a waiver of such condition, term or provision. Any waiver by either Party of any condition, term or provision of this Agreement shall not be construed as a waiver of any other condition, term or provision. If any provision of this Agreement is held invalid or unenforceable, the remainder of the Agreement shall continue in full force and effect. The headings in this Agreement are for reference only and shall not affect the interpretation of this Agreement. For purposes of this Agreement, the words “include,” “includes” and “including” are deemed to be followed by the words “without limitation”; the word “or” is not exclusive; and the words “herein,” “hereof,” “hereby,” “hereto” and “hereunder” refer to this Agreement as a whole.

  27. Definitions.

    Capitalized terms not otherwise defined in this Agreement shall have the respective meanings assigned to them in this Section 27.

    “Account Data” means information about Customer that Customer provides to Vulners in connection with the creation or administration of its Vulners account, such as first and last name, user name and email address of an Authorized User or Customer’s billing contact. Customer shall ensure that all Account Data is current and accurate at all times during the applicable Subscription Term, and shall in no event include Sensitive Information in Account Data.

    “Affiliate” means, with respect to a Party, a business entity that directly or indirectly controls, is controlled by or is under common control with, such Party, where “control” means the direct or indirect ownership of more than 50% of the voting securities of a business entity.

    “API” means an application programming interface referenced in the Documentation that Vulners maintains and makes available to Customer in connection with the Services.

    “Applicable Laws” means any and all governmental laws, rules, directives, regulations or orders that are applicable to a particular Party’s performance under this Agreement.

    “AUP” means Vulners’s standard Acceptable Use Policy, currently available at https://vulners.com/static/docs/acceptable_use_policy.html.

    “Authorized User” means an individual employee, agent or contractor of Customer or a Participating Affiliate for whom subscriptions to Services have been purchased pursuant to the terms of the applicable Subscription and this Agreement, and who has been supplied user credentials for the Services by Customer or the Participating Affiliate (or by Vulners at Customer’s or a Participating Affiliate’s request).

    “Available” means the Services are available for access and use by end users over the internet; “Availability” has a correlative meaning. Availability is assessed from the point where the Services are made available from Vulners’s hosting provider and measured in minutes over the course of each calendar month during the Subscription Term. Customer may request Availability information by submitting a Support Request.

    “Documentation” means Vulners’s standard user documentation for the Services, currently available at https://vulners.com/docs/.

    “Exceptions” means any of: (a) Customer’s breach of this Agreement, a Subscription or the AUP; (b) Customer’s failure to configure and use the Services in accordance with the Documentation; (c) failures of, or issues with, Customer’s Environment; (d) Force Majeure Events; (e) Vulners’s suspension of Authorized Users’ access to the Services pursuant to Section 8.3 or 15.2; or (f) maintenance during a window for which Vulners provides notice by email or through the Services in advance.

    “Feedback” means bug reports, suggestions or other feedback with respect to the Services or Documentation provided by Customer to Vulners, exclusive of any Customer Confidential Information therein.

    “GDPR” means the General Data Protection Regulation 2016 / 679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing of Directive 95/46/EC.

    “Intellectual Property Rights” means any and all registered and unregistered rights granted, applied for, or otherwise now or hereafter in existence under or related to any patent, copyright, trademark, trade secret, database protection, or other intellectual property rights laws, and all similar or equivalent rights or forms of protection, in any part of the world.

    “Malicious Code” means viruses, worms, time bombs, Trojan horses and other harmful or malicious code, files, scripts, agents or programs.

    “Party” means each of Vulners and Customer.

    “Personal Information” means information relating to an identified or identifiable natural person that is protected by Applicable Laws with respect to privacy where the individual resides.

    “Pricing Page” means the publicly available web page(s) where Vulners publishes its list prices for Services, currently available at https://vulners.com/pricing.

    “Privacy Policy” means Vulners’s standard Privacy Policy, currently available at https://vulners.com/static/docs/privacy_policy.html.

    “Process” means to perform an operation or set of operations on data, content or information, including to submit, transmit, post, transfer, disclose, collect, record, organize, structure, store, adapt or alter; “Processing” has a correlative meaning.

    “Sensitive Information” means the following categories of Personal Information: (a) government-issued identification numbers, including Social Security numbers; (b) financial account data; (c) biometric, genetic, health or insurance data; (d) financial information; (e) data revealing race, ethnicity, political opinions, religion, philosophical beliefs or trade union membership; (f) data concerning sex life or sexual orientation; and (g) data relating criminal convictions and offenses. Without limiting the foregoing, the term “Sensitive Information” includes Personal Information that is subject to specific or heightened requirements under Applicable Law or industry standards, such as Social Security numbers in the United States, protected health information under the U.S. Health Insurance Portability and Accountability Act, nonpublic personal information under the U.S. Gramm-Leach-Bliley Act, cardholder data under the PCI Data Security Standard, and special categories of personal data under the GDPR.

    “Services” means the security vulnerabilities search engine and assessment platform to which Customer subscribes through, or otherwise uses following, a Subscription that is made available by Vulners online via the applicable login page and other web pages designated by Vulners. Vulners may make such changes to the Services as Vulners deems appropriate from time to time, provided such changes do not materially decrease the features or functionality of the Services as they existed at the effective date of this Agreement.

    “Subscription” means the packaged plan and associated features, as detailed at the Pricing Page, for the Services to which Customer subscribes.

    “Subscription Term” means, with respect to each Subscription, the subscription term for the Services specified in the applicable Subscription and all Renewal Subscription Terms, if any. In the event a Subscription does not specify a fixed term, then the Subscription Term will run from the Subscription’s effective date until the end of the calendar month in which either Party gives notice of termination in accordance with Section 19, unless the Subscription is otherwise terminated earlier in accordance with this Agreement or the Subscription.

    “Support” means Vulners’s standard customer technical support for the Services, currently provided exclusively via email.

  28. Changes to this Agreement.

    Vulners may modify this Agreement at any time by posting a revised version at https://vulners.com/static/docs/subscription_agreement.html, which modifications will become effective as of the first day of the calendar month following the month in which they were first posted. If Customer objects to the updated Agreement, as its sole and exclusive remedy, Customer may choose not to renew the Subscription. For the avoidance of doubt, any Subscription is subject to the version of the Agreement in effect at the time of the.

All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.If you are an owner of some content and want it to be removed, please contact us. Vulners,